java抓包后对pcap文件解析示例
发布时间:2016-12-28 来源:查字典编辑

这是自己写的一个简单的pcap文件解析示例,方便读取pcap文件,供大家参考使用。


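// Load the sample capture from the classpath. getResourceAsStream returns null
// (it does not throw) when the resource is missing, so check before parsing.
InputStream is = DataParser.class.getClassLoader().getResourceAsStream("baidu_cdr.pcap");
if (is == null) {
    throw new IllegalStateException("baidu_cdr.pcap not found on the classpath");
}

// Close the stream even when parsing fails part-way through.
Pcap pcap;
try {
    pcap = PcapParser.unpack(is);
} finally {
    is.close();
}

// unpack returns null when the magic number cannot be read, and the packet list
// is empty for a capture that holds only the file header.
if (pcap == null || pcap.getData().isEmpty()) {
    throw new IllegalStateException("baidu_cdr.pcap contains no packets");
}

byte[] t = pcap.getData().get(0).getContent();

// NOTE(review): 42 presumably skips a 14-byte Ethernet header, a 20-byte IPv4 header
// without options and an 8-byte UDP header - confirm against the capture's link type
// and protocols. A shorter packet would make copyOfRange throw, so reject it explicitly.
if (t.length < 42) {
    throw new IllegalStateException("first packet is shorter than the 42 header bytes being skipped");
}
byte[] data = Arrays.copyOfRange(t, 42, t.length);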

PcapParser.java


package com.hylanda.pcap;

import java.io.IOException;

import java.io.InputStream;

import java.util.ArrayList;

import java.util.List;

/**

* @author zhouqisheng

*

*/

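public class PcapParser {

    // Reader for a capture file laid out as a 24-byte global header followed by
    // records, each made of a 16-byte record header and the captured bytes.
    //
    // Capture files normally come from outside the program, so every length field
    // is treated as untrusted and is validated before it sizes a buffer.

    /** Size in bytes of the global file header (4 + 2 + 2 + 4 + 4 + 4 + 4). */
    private static final int GLOBAL_HEADER_LENGTH = 24;

    /** Size in bytes of each per-packet record header (four 32-bit fields). */
    private static final int RECORD_HEADER_LENGTH = 16;

    /**
     * Largest captured length accepted for a single record. The value is a limit
     * chosen for this example; raise it if your captures legitimately hold larger
     * packets. Without a bound, a crafted length field could request an allocation
     * of up to 2 GiB per record.
     */
    private static final int MAX_CAPTURED_LENGTH = 256 * 1024;

    /**
     * Parses a whole capture from {@code is} into memory.
     *
     * <p>All multi-byte fields are decoded as little-endian. The magic number is
     * stored but not verified, so callers that accept files from untrusted sources
     * should compare {@code getHeader().getMagic()} with {@code 0xA1B2C3D4} before
     * trusting the result. The 32-bit fields are unsigned in the file but are kept
     * in signed {@code int}s; only the captured length is range-checked here.
     *
     * <p>A capture that ends in the middle of a record is treated as truncated:
     * the incomplete trailing record is dropped and the complete ones are returned.
     *
     * @param is stream positioned at the first byte of the file; it is not closed
     * @return the parsed capture, or {@code null} when the stream ends before the
     *         4-byte magic number could be read
     * @throws IOException if reading fails, the global header is truncated, or a
     *         record declares a negative or oversized captured length
     */
    public static Pcap unpack(InputStream is) throws IOException {
        byte[] magicBytes = new byte[4];
        if (readFully(is, magicBytes) != magicBytes.length) {
            return null;
        }

        byte[] rest = new byte[GLOBAL_HEADER_LENGTH - magicBytes.length];
        if (readFully(is, rest) != rest.length) {
            throw new IOException("Truncated pcap global header");
        }

        PcapHeader header = new PcapHeader();
        header.setMagic(littleEndianInt(magicBytes, 0));
        header.setMagor_version(littleEndianShort(rest, 0));
        header.setMinor_version(littleEndianShort(rest, 2));
        header.setTimezone(littleEndianInt(rest, 4));
        header.setSigflags(littleEndianInt(rest, 8));
        header.setSnaplen(littleEndianInt(rest, 12));
        header.setLinktype(littleEndianInt(rest, 16));

        Pcap pcap = new Pcap();
        pcap.setHeader(header);

        List<PcapData> dataList = new ArrayList<PcapData>();
        byte[] recordHeader = new byte[RECORD_HEADER_LENGTH];
        while (true) {
            // 0 bytes means a clean end of file; anything short of a full header
            // means the file was cut off inside a record header.
            if (readFully(is, recordHeader) != RECORD_HEADER_LENGTH) {
                break;
            }

            int capturedLength = littleEndianInt(recordHeader, 8);
            // Validate before allocating: the field is attacker-controlled in a
            // hostile file and would otherwise drive new byte[...] directly.
            if (capturedLength < 0 || capturedLength > MAX_CAPTURED_LENGTH) {
                throw new IOException("Invalid captured length " + capturedLength
                        + " in record " + dataList.size());
            }

            byte[] content = new byte[capturedLength];
            if (readFully(is, content) != capturedLength) {
                break; // file ends inside the packet bytes
            }

            PcapData data = new PcapData();
            data.setTime_s(littleEndianInt(recordHeader, 0));
            data.setTime_ms(littleEndianInt(recordHeader, 4));
            data.setpLength(capturedLength);
            data.setLength(littleEndianInt(recordHeader, 12));
            data.setContent(content);
            dataList.add(data);
        }

        pcap.setData(dataList);
        return pcap;
    }

    /**
     * Fills {@code buf} from the stream, looping because a single
     * {@link InputStream#read(byte[])} call may legally return fewer bytes than
     * requested.
     *
     * @return the number of bytes stored; less than {@code buf.length} only when
     *         the stream ended first
     */
    private static int readFully(InputStream is, byte[] buf) throws IOException {
        int total = 0;
        while (total < buf.length) {
            int n = is.read(buf, total, buf.length - total);
            if (n < 0) {
                break;
            }
            total += n;
        }
        return total;
    }

    /** Decodes four bytes starting at {@code offset} as a little-endian int. */
    private static int littleEndianInt(byte[] b, int offset) {
        return (b[offset] & 0xFF)
                | ((b[offset + 1] & 0xFF) << 8)
                | ((b[offset + 2] & 0xFF) << 16)
                | ((b[offset + 3] & 0xFF) << 24);
    }

    /** Decodes two bytes starting at {@code offset} as a little-endian short. */
    private static short littleEndianShort(byte[] b, int offset) {
        return (short) ((b[offset] & 0xFF) | ((b[offset + 1] & 0xFF) << 8));
    }
}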

Pcap.java


/**

*

*/

package com.hylanda.pcap;

import java.util.List;

/**

* @author zhouqisheng

*

*/

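public class Pcap {

    // Holder for one parsed capture: the file header plus the list of packet records.

    private PcapHeader header;

    private List<PcapData> data;

    /** Returns the file header, or {@code null} if none has been set. */
    public PcapHeader getHeader() {
        return header;
    }

    /** Stores the file header. */
    public void setHeader(PcapHeader header) {
        this.header = header;
    }

    /**
     * Returns the packet records. The stored list itself is returned, not a copy,
     * so changes made by the caller are visible through this object.
     */
    public List<PcapData> getData() {
        return data;
    }

    /** Stores the packet records; the list is kept by reference. */
    public void setData(List<PcapData> data) {
        this.data = data;
    }

    /**
     * Summarises the capture as the header fields followed by the record count.
     * Safe to call before the header or the record list has been set.
     */
    @Override
    public String toString() {
        StringBuilder s = new StringBuilder();
        s.append("header{\n");
        // append(Object) prints "null" for an unset header instead of throwing.
        s.append(header);
        s.append("}\n");
        s.append("data part count=").append(data == null ? 0 : data.size());
        return s.toString();
    }
}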

PcapData.java


package com.hylanda.pcap;

/**

* @author zhouqisheng

* 数据包头

*/

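public class PcapData {

    // One packet record: the four record-header fields plus the captured bytes.
    // NOTE(review): the length fields are presumably unsigned 32-bit values in the
    // file; they are stored here as signed ints, so treat a negative value as
    // invalid - confirm against the parser that fills this object.

    private int time_s;     // timestamp, seconds part
    private int time_ms;    // timestamp, microseconds part (despite the "_ms" suffix)
    private int pLength;    // captured length
    private int length;     // actual length
    private byte[] content; // packet data

    /** Returns the seconds part of the timestamp. */
    public int getTime_s() {
        return time_s;
    }

    /** Sets the seconds part of the timestamp. */
    public void setTime_s(int time_s) {
        this.time_s = time_s;
    }

    /** Returns the microseconds part of the timestamp. */
    public int getTime_ms() {
        return time_ms;
    }

    /** Sets the microseconds part of the timestamp. */
    public void setTime_ms(int time_ms) {
        this.time_ms = time_ms;
    }

    /** Returns the captured length. */
    public int getpLength() {
        return pLength;
    }

    /** Sets the captured length. */
    public void setpLength(int pLength) {
        this.pLength = pLength;
    }

    /** Returns the actual length. */
    public int getLength() {
        return length;
    }

    /** Sets the actual length. */
    public void setLength(int length) {
        this.length = length;
    }

    /**
     * Returns the packet data. The stored array itself is returned, not a copy,
     * so the caller can modify this record's bytes through it.
     */
    public byte[] getContent() {
        return content;
    }

    /** Stores the packet data; the array is kept by reference. */
    public void setContent(byte[] content) {
        this.content = content;
    }

    /**
     * Lists the four record-header fields, one per line. The packet bytes are
     * deliberately left out of the text.
     */
    @Override
    public String toString() {
        StringBuilder s = new StringBuilder();
        s.append("time_s=").append(this.time_s);
        s.append("\ntime_ms=").append(this.time_ms);
        s.append("\npLength=").append(this.pLength);
        s.append("\nlength=").append(this.length);
        // Return the text that was built; returning null here made every
        // string concatenation or log call print "null" for a record.
        return s.toString();
    }
}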

PcapHeader.java


package com.hylanda.pcap;

/**

* @author zhouqisheng

* pcap文件头

*/

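public class PcapHeader {

    // The fields of the capture file's global header, in file order.

    private int magic;           // file identification value, 0xA1B2C3D4
    private short magor_version; // major version
    private short minor_version; // minor version
    private int timezone;        // local standard time
    private int sigflags;        // timestamp accuracy
    private int snaplen;         // maximum stored length

    /**
     * Link type. Values listed by the original author:
     * 0 BSD loopback devices, except for later OpenBSD
     * 1 Ethernet, and Linux loopback devices
     * 6 802.5 Token Ring
     * 7 ARCnet
     * 8 SLIP
     * 9 PPP
     * 10 FDDI
     * 100 LLC/SNAP-encapsulated ATM
     * 101 “raw IP”, with no link
     * 102 BSD/OS SLIP
     * 103 BSD/OS PPP
     * 104 Cisco HDLC
     * 105 802.11
     * 108 later OpenBSD loopback devices (with the AF_value in network byte order)
     * 113 special Linux “cooked” capture
     * 114 LocalTalk
     */
    private int linktype;

    /** Returns the file identification value. */
    public int getMagic() {
        return magic;
    }

    /** Sets the file identification value. */
    public void setMagic(int magic) {
        this.magic = magic;
    }

    /** Returns the major version. */
    public short getMagor_version() {
        return magor_version;
    }

    /** Sets the major version. */
    public void setMagor_version(short magor_version) {
        this.magor_version = magor_version;
    }

    /** Returns the minor version. */
    public short getMinor_version() {
        return minor_version;
    }

    /** Sets the minor version. */
    public void setMinor_version(short minor_version) {
        this.minor_version = minor_version;
    }

    /** Returns the local standard time field. */
    public int getTimezone() {
        return timezone;
    }

    /** Sets the local standard time field. */
    public void setTimezone(int timezone) {
        this.timezone = timezone;
    }

    /** Returns the timestamp accuracy field. */
    public int getSigflags() {
        return sigflags;
    }

    /** Sets the timestamp accuracy field. */
    public void setSigflags(int sigflags) {
        this.sigflags = sigflags;
    }

    /** Returns the maximum stored length. */
    public int getSnaplen() {
        return snaplen;
    }

    /** Sets the maximum stored length. */
    public void setSnaplen(int snaplen) {
        this.snaplen = snaplen;
    }

    /** Returns the link type. */
    public int getLinktype() {
        return linktype;
    }

    /** Sets the link type. */
    public void setLinktype(int linktype) {
        this.linktype = linktype;
    }

    /** Lists every header field, one per line, with the magic value in hexadecimal. */
    @Override
    public String toString() {
        StringBuilder s = new StringBuilder();
        s.append("magic=").append("0x").append(Integer.toHexString(this.magic));
        // Each following field starts on its own line; the separators were printed
        // as a literal 'n' because the backslash of "\n" had been lost.
        s.append("\nmagor_version=").append(this.magor_version);
        s.append("\nminor_version=").append(this.minor_version);
        s.append("\ntimezone=").append(this.timezone);
        s.append("\nsigflags=").append(this.sigflags);
        s.append("\nsnaplen=").append(this.snaplen);
        s.append("\nlinktype=").append(this.linktype);
        return s.toString();
    }
}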
